Branch '2.3-stable' - 1st.README
Git Service User
git at kolabsys.com
Thu Apr 14 11:32:52 CEST 2011
1st.README | 99 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 99 insertions(+)
New commits:
commit b2dbeca75ea91e8c44de16c198228bec6cfddf41
Author: Christoph Wickert <wickert at kolabsys.com>
Date: Thu Apr 14 11:32:46 2011 +0200
release-notes.txt: Initial draft of 2.3.0 update instructions
diff --git a/1st.README b/1st.README
index d570044..93fdefc 100644
--- a/1st.README
+++ b/1st.README
@@ -126,6 +126,105 @@ Or alternatively if the Kolab server was stopped before the upgrade:
# /kolab/bin/openpkg rc all start
+Upgrade from 2.2.4 to 2.3.0
+---------------------------
+
+FIXME: Pakete entfernen
+FIXME: rfc2739.schema muss raus bzw darf niht zurückgemerged werden
+FIXME: Pakete recompilern für opelssl
+
+OpenLDAP has been updated to version 2.4.23 in this release of Kolab. As this
+introduces many changes to your LDAP setup, please read these instructions
+carefully.
+
+Due to a change in OpenLDAP's core.schema the 'countryName' or 'c' attribute
+no longer allows using free text but only 2-letter codes from ISO 3166. If you
+use the 'countryName' attribute to store data, you will have to continue using
+your old core.schema or to replace your own values with ISO country codes.
+
+Both procedures are described here as follows.
+
+0. Make a backup of your installation and data stored inside /kolab
+
+1. The Kolab server must be stopped:
+
+ # /kolab/bin/openpkg rc all stop
+
+2. Save the current LDAP data:
+
+ Copy the contents of the openldap database, use a different output
+ filename if you want. You should make sure that no other users can
+ read the sensitive data contained in the ldif file, e.g. with umask
+ (limited to the slapcat call by using parentheses):
+
+ # (umask 077 && /kolab/sbin/slapcat > ~/kolab-2.2.4.ldif)
+
+3. Start the standard upgrade:
+ (as described in the General update instructions)
+
+ # sh install-kolab.sh 2>&1 | tee /root/kolab-update.log
+
+Replacing values (recommended)
+
+Because of the unlimited number of possible values we cannot provide an
+upgrade script. , but here is a little help for you:
+
+4. To get a list of values used in the countryName attribute run
+
+ # grep ^c: ~/kolab-2.2.4.ldif | awk '{print $2}' | sort -u
+
+5. Replace the values with the ISO country codes from
+ http://www.iso.org/iso/english_country_names_and_code_elements
+ To replace for example "Germany" with the code "DE", run
+
+ # sed 's|^c: Germany|c: DE|g' ~/kolab-2.2.4.ldif > ~/kolab-2.3.0.ldif
+
+6. Import the ldif again
+
+ # /kolab/sbin/slapadd < ~/new-format.ldif
+
+Keeping old values
+
+If you cannot change the countryName attributes of your users, you need do
+continue using your old core.schema. Make sure to do a backup before you
+upgrade to Kolab 2.3 and restore the file from the backup once the upgrade is
+done.
+
+4. /kolab/etc/openldap/schema/core.schema will be saved as core.rpmsave,
+ please move it back to the original name:
+
+ # cd /kolab/etc/openldap && mv core.schema.rpmsave core.schema
+
+ FIXME: verify that the file is really saved as rpmsave
+ FIXME: is core.ldif needed?
+
+In previous versions of the Kolab Server, the distinguishing name (dn) to name
+users was built from their common name (cn) attribute and the cn was built
+from the attributes 'givenName' (e.g. John) and 'sn' (Doe). Therefore it was
+not possible to have two users of the same name or two accounts for the same
+person (cn=John Doe) since each dn must be distinct.
+
+Kolab 2.3 uses the 'uid' attribute to build the dn. This change is backwards
+compatible. Existing users will continue to use the old dn while new users
+will be created following the new scheme. This means that you can create an
+account with the same cn after the upgrade.
+
+To take however full advantage of the new scheme, you need to convert your
+LDAP with the script 'phpdn' from FIXME. To convert your existing
+LDAP, please run the following commands as root or user 'kolab':
+
+FIXME: needs to be checked
+
+# /kolab/sbin/slapcat > ~/old-format.ldif
+# php phpdn.php -i old-format.ldif -o new-format.ldif
+# /kolab/sbin/slappadd < ~/new-format.ldif
+
+Synchronization between master and slaves is now performed using syncrepl
+instead of slurpd. This change requires no further modifications on your side,
+but if you are running multiple Kolab servers, make sure to upgrade them at
+the same time.
+
+
Upgrade from 2.2.3 to 2.2.4
---------------------------
More information about the commits
mailing list